On Wed, Aug 27, 2025 at 10:08:19AM +0200, Peter 'PMc' Much wrote: > I am feeling increasing pain from finding EFI partitions floating > around and containing spurious binaries in /EFI/BOOT/BOOTX64.efi, > where there seems to be no means whatsoever for figuring out what > these binaries do/are at all, or which version of it they would be > and what they can support. > > Currently I am in the process of migrating from R.13 to R.14, and > strangely the loader is now in the process of shrinking (from 862720 > to 662528), so even "the larger the newer" won't hold. > > Question: is there any concept to get some proper version information > into these binaries, from which then some identity and the commit tag > could be retrieved from which they were created?
I asked this same question on the forums: https://forums.freebsd.org/threads/verify-loader-version.96446/ No one could answer the question "how do you know the bootloader is authentic and matches the OS". I was disappointed that the IDS output didn't even cover /boot. Bootloaders are a critical part of the OS, and I just have to assume that whatever is in /boot is current with the OS and should be blindly copied to the EFI partition. I have no way to confirm what version of bootloader I have, or what version is in EFI. It's very frustrating. Please let me know if you find a solution. ------------------------------------------------------------------ Russell Adams russell.ad...@adamssystems.nl Principal Consultant Adams Systems Consultancy https://adamssystems.nl/
